From: "Ludovic Courtès" <ludo@gnu.org>
To: Christopher Baines <mail@cbaines.net>
Cc: Josselin Poiret <dev@jpoiret.xyz>,
Simon Tournier <zimon.toutoune@gmail.com>,
Mathieu Othacehe <othacehe@gnu.org>,
Tobias Geerinckx-Rice <me@tobias.gr>,
Ricardo Wurmus <rekado@elephly.net>,
69292@debbugs.gnu.org, Christopher Baines <guix@cbaines.net>
Subject: [bug#69292] [PATCH 3/6] store: database: Inline SQL to where it's used.
Date: Fri, 23 Feb 2024 17:40:29 +0100 [thread overview]
Message-ID: <874jdzf81u.fsf@gnu.org> (raw)
In-Reply-To: <5abcabc4cb65ea63db7c4f046700116e4882b287.1708457946.git.mail@cbaines.net> (Christopher Baines's message of "Tue, 20 Feb 2024 19:39:03 +0000")
Christopher Baines <mail@cbaines.net> skribis:
> This makes the code easier to read, as you don't have to keep jumping between
> the two places.
>
> * guix/store/database.scm (path-id-sql, update-sql, insert-sql,
> add-reference-sql): Remove variables.
> (path-id, update-or-insert, add-references): Include SQL.
>
> Change-Id: I53b4ab973be8d0cd10a0f35ba25972f1c9680353
LGTM.
> (let ((id (path-id db path)))
> (if id
> - (let ((stmt (sqlite-prepare db update-sql #:cache? #t)))
> + (let ((stmt (sqlite-prepare
> + db
> + "
> +UPDATE ValidPaths
> +SET hash = :hash,
> + registrationTime = :time,
> + deriver = :deriver,
> + narSize = :size
> +WHERE id = :id"
> + #:cache? #t)))
I think we can make it a bit more dense (3 or 4 lines in total for the
statement). :-)
In the future, we should probably add a macro to sqlite3 like that one
from Cuirass:
--8<---------------cut here---------------start------------->8---
(define-syntax-rule (exec-query/bind db query args ...)
"Execute the specific QUERY with the given ARGS. Uses of 'exec-query/bind'
typically look like this:
(exec-query/bind db \"SELECT * FROM Foo WHERE x = \" x \"AND Y=\" y \";\")
References to variables 'x' and 'y' here are replaced by $1 and $2 in the
SQL query.
This ensures that (1) SQL injection is impossible, and (2) the number of
parameters matches the number of arguments to bind."
(%exec-query/bind db () "" query args ...))
--8<---------------cut here---------------end--------------->8---
That makes things slightly more readable IMO since you don’t end up with
two separate calls, one to prepare the statement and the other one to
bind its arguments.
Ludo’.
next prev parent reply other threads:[~2024-02-23 17:11 UTC|newest]
Thread overview: 20+ messages / expand[flat|nested] mbox.gz Atom feed top
2024-02-20 19:20 [bug#69292] [PATCH 0/6] Prepare the database code for use in the daemon Christopher Baines
2024-02-20 19:39 ` [bug#69292] [PATCH 1/6] store: database: Remove call-with-savepoint and associated code Christopher Baines
2024-02-20 19:39 ` [bug#69292] [PATCH 2/6] store: database: Remove with-statement " Christopher Baines
2024-02-23 16:35 ` Ludovic Courtès
2024-02-23 18:32 ` Reepca Russelstein via Guix-patches via
2024-03-05 11:05 ` Ludovic Courtès
2024-02-20 19:39 ` [bug#69292] [PATCH 3/6] store: database: Inline SQL to where it's used Christopher Baines
2024-02-23 16:40 ` Ludovic Courtès [this message]
2024-02-20 19:39 ` [bug#69292] [PATCH 4/6] store: database: Stop finalizing prepared statements Christopher Baines
2024-02-22 12:39 ` reepca--- via Guix-patches via
2024-02-26 10:50 ` Christopher Baines
2024-02-20 19:39 ` [bug#69292] [PATCH 5/6] store: database: Refactor sqlite-register Christopher Baines
2024-02-23 16:33 ` Ludovic Courtès
2024-02-20 19:39 ` [bug#69292] [PATCH 6/6] store: database: Rename a couple of procedures Christopher Baines
2024-02-23 16:43 ` Ludovic Courtès
2024-02-26 11:03 ` Christopher Baines
2024-02-27 9:24 ` Ludovic Courtès
2024-04-03 17:35 ` Christopher Baines
2024-02-23 16:31 ` [bug#69292] [PATCH 1/6] store: database: Remove call-with-savepoint and associated code Ludovic Courtès
2024-04-03 17:36 ` bug#69292: [PATCH 0/6] Prepare the database code for use in the daemon Christopher Baines
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
List information: https://guix.gnu.org/
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=874jdzf81u.fsf@gnu.org \
--to=ludo@gnu.org \
--cc=69292@debbugs.gnu.org \
--cc=dev@jpoiret.xyz \
--cc=guix@cbaines.net \
--cc=mail@cbaines.net \
--cc=me@tobias.gr \
--cc=othacehe@gnu.org \
--cc=rekado@elephly.net \
--cc=zimon.toutoune@gmail.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
Code repositories for project(s) associated with this public inbox
https://git.savannah.gnu.org/cgit/guix.git
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for read-only IMAP folder(s) and NNTP newsgroup(s).